For many office workers, the workday can be long for those who have dogs waiting at home. To address that concern, Wag Labs offers a dog-walking service that operates through a smartphone app. Provide your address and the usual transaction details, and they send you a lockbox to stash your keys outside your home. From there, you share the lockbox code with dog walkers who come to your house to pick up your pooch for a stroll. Simple, problem solved. What could possibly go wrong?
It turns out, as Emanuel Maiberg writes in Motherboard, “It is basically Uber for dog walking, right down to the huge security breaches that compromise users’ personal information.” The Wall Street Journal reported on Tuesday that Wag had inadvertently left customer addresses and codes to the lockboxes exposed, without passord protection, on its website.
Maiberg writes, “The Wall Street Journal said it observed more than 50 cases in which Wag exposed customers’ addresses as well as the codes to their lockboxes, which…hold the keys to their buildings and apartments.”
While the sensitive data was contained on obscure pages of the company’s website, it’s not clear how long the data was up, according to The Wall Street Journal.
Read the full story at Motherboard.